[PATCH 1/2] realtek: Use firewall4
Daniel Golle
daniel at makrotopia.org
Tue Mar 1 13:11:49 PST 2022
On Tue, Mar 01, 2022 at 09:51:32PM +0100, Bjørn Mork wrote:
> Petr Štetiar <ynezz at true.cz> writes:
>
> > Sander Vanheule <sander at svanheule.net> [2022-02-28 23:00:34]:
> >
> >> I wonder if it doesn't make more sense to drop the firewall package from the
> >> default now, since there is only one interface, unless there is a different
> >> reason to keep the firewall.
> >
> > 1. consistency
>
> With what exactly? It's a switch. It doesn't need router specific
> software.
We may need to add a 'switch' DEVICE_TYPE in include/target.mk
selecting packages relevant for this class of devices.
('bridge' or 'ip-full', 'ethtool', ...)
>
> > 2. supporting more common use cases out of the box
>
> It's just bloat. The flash size is small on many of these devices.
It's rather the very limited performance of the CPU and Ethernet MAC
used for the CPU port which makes me disregard those (layer-2)
switches being used for anything else than that.
>
> > 3. wider testing audience of core networking components
>
> The firewall package is tested on most devices. This should be enough.
>
> I'm with Sander. Please drop the firewall package. Not sure how useful
> dnsmasq and odhcpd-ipv6only are either? Why would I want those on my
> switch? It's not a router, DNS server or DHCP server.
Exactly. I fully agree, none of those packages make much sense on this
class of devices and all of them should be dropped from default
installations. Obviously users may still install them if they really
want their switch to act as DHCP server and/or caching DNS resolver.
More information about the openwrt-devel
mailing list